Commit 3d713ac1 authored by Bob Van Landuyt's avatar Bob Van Landuyt

Users can accept terms during registration

When a user checks the `accept` checkbox, we will track that
acceptance as usual. That way they don't need to accept again after
they complete the registration.

When an unauthenticated user visits the `/-/users/terms` page, there
is no button to accept, decline or continue. The 'current-user menu'
is also hidden from the top bar.
parent ebdc7f11
...@@ -3,6 +3,9 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -3,6 +3,9 @@ class RegistrationsController < Devise::RegistrationsController
include AcceptsPendingInvitations include AcceptsPendingInvitations
before_action :whitelist_query_limiting, only: [:destroy] before_action :whitelist_query_limiting, only: [:destroy]
before_action :ensure_terms_accepted,
if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? },
only: [:create]
def new def new
redirect_to(new_user_session_path) redirect_to(new_user_session_path)
...@@ -18,7 +21,9 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -18,7 +21,9 @@ class RegistrationsController < Devise::RegistrationsController
if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha if !Gitlab::Recaptcha.load_configurations! || verify_recaptcha
accept_pending_invitations accept_pending_invitations
super super do |new_user|
persist_accepted_terms_if_required(new_user)
end
else else
flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.' flash[:alert] = 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.'
flash.delete :recaptcha_error flash.delete :recaptcha_error
...@@ -40,6 +45,16 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -40,6 +45,16 @@ class RegistrationsController < Devise::RegistrationsController
protected protected
def persist_accepted_terms_if_required(new_user)
return unless new_user.persisted?
return unless Gitlab::CurrentSettings.current_application_settings.enforce_terms?
if terms_accepted?
terms = ApplicationSetting::Term.latest
Users::RespondToTermsService.new(new_user, terms).execute(accepted: true)
end
end
def destroy_confirmation_valid? def destroy_confirmation_valid?
if current_user.confirm_deletion_with_password? if current_user.confirm_deletion_with_password?
current_user.valid_password?(params[:password]) current_user.valid_password?(params[:password])
...@@ -91,4 +106,14 @@ class RegistrationsController < Devise::RegistrationsController ...@@ -91,4 +106,14 @@ class RegistrationsController < Devise::RegistrationsController
def whitelist_query_limiting def whitelist_query_limiting
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42380') Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42380')
end end
def ensure_terms_accepted
return if terms_accepted?
redirect_to new_user_session_path, alert: _('You must accept our Terms of Service and privacy policy in order to register an account')
end
def terms_accepted?
Gitlab::Utils.to_boolean(params[:terms_opt_in])
end
end end
...@@ -2,6 +2,7 @@ module Users ...@@ -2,6 +2,7 @@ module Users
class TermsController < ApplicationController class TermsController < ApplicationController
include InternalRedirect include InternalRedirect
skip_before_action :authenticate_user!
skip_before_action :enforce_terms! skip_before_action :enforce_terms!
skip_before_action :check_password_expiration skip_before_action :check_password_expiration
skip_before_action :check_two_factor_requirement skip_before_action :check_two_factor_requirement
...@@ -14,7 +15,7 @@ module Users ...@@ -14,7 +15,7 @@ module Users
def index def index
@redirect = redirect_path @redirect = redirect_path
if @term.accepted_by_user?(current_user) if current_user && @term.accepted_by_user?(current_user)
flash.now[:notice] = "You have already accepted the Terms of Service as #{current_user.to_reference}" flash.now[:notice] = "You have already accepted the Terms of Service as #{current_user.to_reference}"
end end
end end
......
= form_for @application_setting, url: admin_application_settings_path do |f| = form_for @application_setting, url: admin_application_settings_path, html: { class: 'fieldset-form' } do |f|
= form_errors(@application_setting) = form_errors(@application_setting)
%fieldset %fieldset
...@@ -7,13 +7,13 @@ ...@@ -7,13 +7,13 @@
.form-check .form-check
= f.check_box :enforce_terms, class: 'form-check-input' = f.check_box :enforce_terms, class: 'form-check-input'
= f.label :enforce_terms, class: 'form-check-label' do = f.label :enforce_terms, class: 'form-check-label' do
= _("Require all users to accept Terms of Service when they access GitLab.") = _("Require all users to accept Terms of Service and Privacy Policy when they access GitLab.")
.form-text.text-muted .form-text.text-muted
= _("When enabled, users cannot use GitLab until the terms have been accepted.") = _("When enabled, users cannot use GitLab until the terms have been accepted.")
.form-group.row .form-group.row
.col-sm-12 .col-sm-12
= f.label :terms do = f.label :terms do
= _("Terms of Service Agreement") = _("Terms of Service Agreement and Privacy Policy")
.col-sm-12 .col-sm-12
= f.text_area :terms, class: 'form-control', rows: 8 = f.text_area :terms, class: 'form-control', rows: 8
.form-text.text-muted .form-text.text-muted
......
...@@ -50,11 +50,11 @@ ...@@ -50,11 +50,11 @@
%section.settings.as-terms.no-animate#js-terms-settings{ class: ('expanded' if expanded) } %section.settings.as-terms.no-animate#js-terms-settings{ class: ('expanded' if expanded) }
.settings-header .settings-header
%h4 %h4
= _('Terms of Service') = _('Terms of Service and Privacy Policy')
%button.btn.btn-default.js-settings-toggle{ type: 'button' } %button.btn.btn-default.js-settings-toggle{ type: 'button' }
= expanded ? _('Collapse') : _('Expand') = expanded ? _('Collapse') : _('Expand')
%p %p
= _('Include a Terms of Service agreement that all users must accept.') = _('Include a Terms of Service agreement and Privacy Policy that all users must accept.')
.settings-content .settings-content
= render 'terms' = render 'terms'
......
...@@ -22,6 +22,13 @@ ...@@ -22,6 +22,13 @@
= f.label :password = f.label :password
= f.password_field :password, class: "form-control bottom", required: true, pattern: ".{#{@minimum_password_length},}", title: "Minimum length is #{@minimum_password_length} characters." = f.password_field :password, class: "form-control bottom", required: true, pattern: ".{#{@minimum_password_length},}", title: "Minimum length is #{@minimum_password_length} characters."
%p.gl-field-hint Minimum length is #{@minimum_password_length} characters %p.gl-field-hint Minimum length is #{@minimum_password_length} characters
- if Gitlab::CurrentSettings.current_application_settings.enforce_terms?
.form-group
= check_box_tag :terms_opt_in, '1', false, required: true
= label_tag :terms_opt_in do
- terms_link = link_to s_("I accept the|Terms of Service and Privacy Policy"), terms_path, target: "_blank"
- accept_terms_label = _("I accept the %{terms_link}") % { terms_link: terms_link }
= accept_terms_label.html_safe
%div %div
- if Gitlab::Recaptcha.enabled? - if Gitlab::Recaptcha.enabled?
= recaptcha_tags = recaptcha_tags
......
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
.card-body.rendered-terms .card-body.rendered-terms
= markdown_field(@term, :terms) = markdown_field(@term, :terms)
.card-footer.footer-block.clearfix - if current_user
.card-footer.footer-block.clearfix
- if can?(current_user, :accept_terms, @term) - if can?(current_user, :accept_terms, @term)
.float-right .float-right
= button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do = button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do
......
---
title: Users can accept terms during registration
merge_request: 19583
author:
type: other
...@@ -20,6 +20,19 @@ When an admin enables this feature, they will automattically be ...@@ -20,6 +20,19 @@ When an admin enables this feature, they will automattically be
directed to the page to accept the terms themselves. After they directed to the page to accept the terms themselves. After they
accept, they will be directed back to the settings page. accept, they will be directed back to the settings page.
## New registrations
When this feature is enabled, a checkbox will be available in the
sign-up form.
![Sign up form](img/sign_up_terms.png)
This checkbox will be required during sign up.
Users can review the terms entered in the admin panel before
accepting. The page will be opened in a new window so they can
continue their registration afterwards.
## Accepting terms ## Accepting terms
When this feature was enabled, the users that have not accepted the When this feature was enabled, the users that have not accepted the
......
...@@ -8,8 +8,8 @@ msgid "" ...@@ -8,8 +8,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: gitlab 1.0.0\n" "Project-Id-Version: gitlab 1.0.0\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-06-07 19:35+0200\n" "POT-Creation-Date: 2018-06-08 18:19+0200\n"
"PO-Revision-Date: 2018-06-07 19:35+0200\n" "PO-Revision-Date: 2018-06-08 18:19+0200\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n" "Language: \n"
...@@ -232,7 +232,7 @@ msgstr "" ...@@ -232,7 +232,7 @@ msgstr ""
msgid "Account" msgid "Account"
msgstr "" msgstr ""
msgid "Account and limit settings" msgid "Account and limit"
msgstr "" msgstr ""
msgid "Active" msgid "Active"
...@@ -780,9 +780,6 @@ msgstr "" ...@@ -780,9 +780,6 @@ msgstr ""
msgid "CI/CD settings" msgid "CI/CD settings"
msgstr "" msgstr ""
msgid "CICD|A domain is required to use Auto Review Apps and Auto Deploy Stages."
msgstr ""
msgid "CICD|An explicit %{ci_file} needs to be specified before you can begin using Continuous Integration and Delivery." msgid "CICD|An explicit %{ci_file} needs to be specified before you can begin using Continuous Integration and Delivery."
msgstr "" msgstr ""
...@@ -792,6 +789,18 @@ msgstr "" ...@@ -792,6 +789,18 @@ msgstr ""
msgid "CICD|Auto DevOps will automatically build, test, and deploy your application based on a predefined Continuous Integration and Delivery configuration." msgid "CICD|Auto DevOps will automatically build, test, and deploy your application based on a predefined Continuous Integration and Delivery configuration."
msgstr "" msgstr ""
msgid "CICD|Automatic deployment to staging, manual deployment to production"
msgstr ""
msgid "CICD|Continuous deployment to production"
msgstr ""
msgid "CICD|Deployment strategy"
msgstr ""
msgid "CICD|Deployment strategy needs a domain name to work correctly."
msgstr ""
msgid "CICD|Disable Auto DevOps" msgid "CICD|Disable Auto DevOps"
msgstr "" msgstr ""
...@@ -813,6 +822,9 @@ msgstr "" ...@@ -813,6 +822,9 @@ msgstr ""
msgid "CICD|The Auto DevOps pipeline configuration will be used when there is no %{ci_file} in the project." msgid "CICD|The Auto DevOps pipeline configuration will be used when there is no %{ci_file} in the project."
msgstr "" msgstr ""
msgid "CICD|You need to specify a domain if you want to use Auto Review Apps and Auto Deploy stages."
msgstr ""
msgid "Can run untagged jobs" msgid "Can run untagged jobs"
msgstr "" msgstr ""
...@@ -2133,6 +2145,9 @@ msgstr "" ...@@ -2133,6 +2145,9 @@ msgstr ""
msgid "Failed to update issues, please try again." msgid "Failed to update issues, please try again."
msgstr "" msgstr ""
msgid "Failure"
msgstr ""
msgid "Feb" msgid "Feb"
msgstr "" msgstr ""
...@@ -2371,6 +2386,12 @@ msgstr "" ...@@ -2371,6 +2386,12 @@ msgstr ""
msgid "Housekeeping successfully started" msgid "Housekeeping successfully started"
msgstr "" msgstr ""
msgid "I accept the %{terms_link}"
msgstr ""
msgid "I accept the|Terms of Service and Privacy Policy"
msgstr ""
msgid "IDE|Commit" msgid "IDE|Commit"
msgstr "" msgstr ""
...@@ -2407,7 +2428,7 @@ msgstr "" ...@@ -2407,7 +2428,7 @@ msgstr ""
msgid "Import repository" msgid "Import repository"
msgstr "" msgstr ""
msgid "Include a Terms of Service agreement that all users must accept." msgid "Include a Terms of Service agreement and Privacy Policy that all users must accept."
msgstr "" msgstr ""
msgid "Install Runner on Kubernetes" msgid "Install Runner on Kubernetes"
...@@ -3548,7 +3569,7 @@ msgstr "" ...@@ -3548,7 +3569,7 @@ msgstr ""
msgid "Repository maintenance" msgid "Repository maintenance"
msgstr "" msgstr ""
msgid "Repository mirror settings" msgid "Repository mirror"
msgstr "" msgstr ""
msgid "Repository storage" msgid "Repository storage"
...@@ -3557,7 +3578,7 @@ msgstr "" ...@@ -3557,7 +3578,7 @@ msgstr ""
msgid "Request Access" msgid "Request Access"
msgstr "" msgstr ""
msgid "Require all users to accept Terms of Service when they access GitLab." msgid "Require all users to accept Terms of Service and Privacy Policy when they access GitLab."
msgstr "" msgstr ""
msgid "Reset git storage health information" msgid "Reset git storage health information"
...@@ -3616,9 +3637,6 @@ msgstr "" ...@@ -3616,9 +3637,6 @@ msgstr ""
msgid "Runners can be placed on separate users, servers, and even on your local machine." msgid "Runners can be placed on separate users, servers, and even on your local machine."
msgstr "" msgstr ""
msgid "Runners settings"
msgstr ""
msgid "Running" msgid "Running"
msgstr "" msgstr ""
...@@ -3942,6 +3960,9 @@ msgstr "" ...@@ -3942,6 +3960,9 @@ msgstr ""
msgid "Squash commits" msgid "Squash commits"
msgstr "" msgstr ""
msgid "Stage"
msgstr ""
msgid "Stage all" msgid "Stage all"
msgstr "" msgstr ""
...@@ -4100,10 +4121,10 @@ msgstr "" ...@@ -4100,10 +4121,10 @@ msgstr ""
msgid "Team" msgid "Team"
msgstr "" msgstr ""
msgid "Terms of Service" msgid "Terms of Service Agreement and Privacy Policy"
msgstr "" msgstr ""
msgid "Terms of Service Agreement" msgid "Terms of Service and Privacy Policy"
msgstr "" msgstr ""
msgid "The Issue Tracker is the place to add things that need to be improved or solved in a project" msgid "The Issue Tracker is the place to add things that need to be improved or solved in a project"
...@@ -4331,6 +4352,9 @@ msgstr "" ...@@ -4331,6 +4352,9 @@ msgstr ""
msgid "Timeago|%s days remaining" msgid "Timeago|%s days remaining"
msgstr "" msgstr ""
msgid "Timeago|%s hours ago"
msgstr ""
msgid "Timeago|%s hours remaining" msgid "Timeago|%s hours remaining"
msgstr "" msgstr ""
...@@ -4346,6 +4370,9 @@ msgstr "" ...@@ -4346,6 +4370,9 @@ msgstr ""
msgid "Timeago|%s months remaining" msgid "Timeago|%s months remaining"
msgstr "" msgstr ""
msgid "Timeago|%s seconds ago"
msgstr ""
msgid "Timeago|%s seconds remaining" msgid "Timeago|%s seconds remaining"
msgstr "" msgstr ""
...@@ -4361,46 +4388,43 @@ msgstr "" ...@@ -4361,46 +4388,43 @@ msgstr ""
msgid "Timeago|%s years remaining" msgid "Timeago|%s years remaining"
msgstr "" msgstr ""
msgid "Timeago|1 day remaining" msgid "Timeago|1 day ago"
msgstr "" msgstr ""
msgid "Timeago|1 hour remaining" msgid "Timeago|1 day remaining"
msgstr ""
msgid "Timeago|1 minute remaining"
msgstr "" msgstr ""
msgid "Timeago|1 month remaining" msgid "Timeago|1 hour ago"
msgstr "" msgstr ""
msgid "Timeago|1 week remaining" msgid "Timeago|1 hour remaining"
msgstr "" msgstr ""
msgid "Timeago|1 year remaining" msgid "Timeago|1 minute ago"
msgstr "" msgstr ""
msgid "Timeago|Past due" msgid "Timeago|1 minute remaining"
msgstr "" msgstr ""
msgid "Timeago|a day ago" msgid "Timeago|1 month ago"
msgstr "" msgstr ""
msgid "Timeago|a month ago" msgid "Timeago|1 month remaining"
msgstr "" msgstr ""
msgid "Timeago|a week ago" msgid "Timeago|1 week ago"
msgstr "" msgstr ""
msgid "Timeago|a year ago" msgid "Timeago|1 week remaining"
msgstr "" msgstr ""
msgid "Timeago|about %s hours ago" msgid "Timeago|1 year ago"
msgstr "" msgstr ""
msgid "Timeago|about a minute ago" msgid "Timeago|1 year remaining"
msgstr "" msgstr ""
msgid "Timeago|about an hour ago" msgid "Timeago|Past due"
msgstr "" msgstr ""
msgid "Timeago|in %s days" msgid "Timeago|in %s days"
...@@ -4442,7 +4466,7 @@ msgstr "" ...@@ -4442,7 +4466,7 @@ msgstr ""
msgid "Timeago|in 1 year" msgid "Timeago|in 1 year"
msgstr "" msgstr ""
msgid "Timeago|less than a minute ago" msgid "Timeago|just now"
msgstr "" msgstr ""
msgid "Timeago|right now" msgid "Timeago|right now"
...@@ -4872,6 +4896,9 @@ msgstr "" ...@@ -4872,6 +4896,9 @@ msgstr ""
msgid "You have reached your project limit" msgid "You have reached your project limit"
msgstr "" msgstr ""
msgid "You must accept our Terms of Service and privacy policy in order to register an account"
msgstr ""
msgid "You must have maintainer access to force delete a lock" msgid "You must have maintainer access to force delete a lock"
msgstr "" msgstr ""
......
require 'spec_helper' require 'spec_helper'
describe RegistrationsController do describe RegistrationsController do
include TermsHelper
describe '#create' do describe '#create' do
let(:user_params) { { user: { name: 'new_user', username: 'new_username', email: 'new@user.com', password: 'Any_password' } } } let(:user_params) { { user: { name: 'new_user', username: 'new_username', email: 'new@user.com', password: 'Any_password' } } }
...@@ -67,6 +69,25 @@ describe RegistrationsController do ...@@ -67,6 +69,25 @@ describe RegistrationsController do
expect(flash[:notice]).to include 'Welcome! You have signed up successfully.' expect(flash[:notice]).to include 'Welcome! You have signed up successfully.'
end end
end end
context 'when terms are enforced' do
before do
enforce_terms
end
it 'redirects back with a notice when the checkbox was not checked' do
post :create, user_params
expect(flash[:alert]).to match /you must accept our terms/i
end
it 'creates the user with agreement when terms are accepted' do
post :create, user_params.merge(terms_opt_in: '1')
expect(subject.current_user).to be_present
expect(subject.current_user.terms_accepted?).to be(true)
end
end
end end
describe '#destroy' do describe '#destroy' do
......
...@@ -94,7 +94,7 @@ feature 'Admin updates settings' do ...@@ -94,7 +94,7 @@ feature 'Admin updates settings' do
accept_terms(admin) accept_terms(admin)
page.within('.as-terms') do page.within('.as-terms') do
check 'Require all users to accept Terms of Service when they access GitLab.' check 'Require all users to accept Terms of Service and Privacy Policy when they access GitLab.'
fill_in 'Terms of Service Agreement', with: 'Be nice!' fill_in 'Terms of Service Agreement', with: 'Be nice!'
click_button 'Save changes' click_button 'Save changes'
end end
......
...@@ -140,7 +140,7 @@ describe 'Signup' do ...@@ -140,7 +140,7 @@ describe 'Signup' do
enforce_terms enforce_terms
end end
it 'asks the user to accept terms before going to the dashboard' do it 'requires the user to check the checkbox' do
visit root_path visit root_path
fill_in 'new_user_name', with: new_user.name fill_in 'new_user_name', with: new_user.name
...@@ -148,11 +148,24 @@ describe 'Signup' do ...@@ -148,11 +148,24 @@ describe 'Signup' do
fill_in 'new_user_email', with: new_user.email fill_in 'new_user_email', with: new_user.email
fill_in 'new_user_email_confirmation', with: new_user.email fill_in 'new_user_email_confirmation', with: new_user.email
fill_in 'new_user_password', with: new_user.password fill_in 'new_user_password', with: new_user.password
click_button "Register"
expect_to_be_on_terms_page click_button 'Register'
expect(current_path).to eq new_user_session_path
expect(page).to have_content(/you must accept our terms of service/i)
end
it 'asks the user to accept terms before going to the dashboard' do
visit root_path
fill_in 'new_user_name', with: new_user.name
fill_in 'new_user_username', with: new_user.username
fill_in 'new_user_email', with: new_user.email
fill_in 'new_user_email_confirmation', with: new_user.email
fill_in 'new_user_password', with: new_user.password
check :terms_opt_in
click_button 'Accept terms' click_button "Register"
expect(current_path).to eq dashboard_projects_path expect(current_path).to eq dashboard_projects_path
end end
......
...@@ -3,12 +3,10 @@ require 'spec_helper' ...@@ -3,12 +3,10 @@ require 'spec_helper'
describe 'Users > Terms' do describe 'Users > Terms' do
include TermsHelper include TermsHelper
let(:user) { create(:user) }
let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') } let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') }
before do before do
stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false') stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
sign_in(user)
end end
it 'shows the terms' do it 'shows the terms' do
...@@ -17,6 +15,22 @@ describe 'Users > Terms' do ...@@ -17,6 +15,22 @@ describe 'Users > Terms' do
expect(page).to have_content('By accepting, you promise to be nice!') expect(page).to have_content('By accepting, you promise to be nice!')
end end
it 'does not show buttons to accept, decline or sign out', :aggregate_failures do
visit terms_path
expect(page).not_to have_css('.footer-block')
expect(page).not_to have_content('Accept terms')
expect(page).not_to have_content('Decline and sign out')
expect(page).not_to have_content('Continue')
end
context 'when signed in' do
let(:user) { create(:user) }
before do
sign_in(user)
end
context 'declining the terms' do context 'declining the terms' do
it 'returns the user to the app' do it 'returns the user to the app' do
visit terms_path visit terms_path
...@@ -116,4 +130,5 @@ describe 'Users > Terms' do ...@@ -116,4 +130,5 @@ describe 'Users > Terms' do
end end
end end
end end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment